Underwrite your business continuity with cyber resilienceBy Ravi Rajendran
Businesses understand the tremendous impact that digital transformation and the adoption of new technology can have on revenue generation and providing greater customer value. However, with increased technology adoption comes the exponential risk of falling victim to the digital plague of ransomware because for every new data generated, a business’s attack surface expands.
The Cyber Security Agency of Singapore (CSA)’s 2022 Cyber Landscape reveals Singapore faced 132 reported ransomware attacks in 2022, with the number noted as “not likely to represent the full extent of ransomware threats as not every victim will report an attack.” Regardless, cyber threats like ransomware pose an immense challenge for businesses, their IT and Security teams, and stakeholders. The intense cyber threat landscape of today means that protecting, managing, securing, and recovering data is harder than ever because cyberattacks and data breaches are now unfortunately a ‘when’ and not ‘if’ reality. Cyberattacks and cybercrime undermine the trust of companies, creating distrust in technology adoption, impacting brand reputation, and disrupting revenue generation.
The other unfortunate reality is that malicious actors often have a greater incentive to innovate in the short to medium term because of the immediate financial gain they can realise through ransom payments, compared to businesses whose cyber resilience return on investment is not realised until a cyberattack occurs. This emboldens malicious actors to exploit organisations’ bulging attack surfaces, which continue to expand through the rapid uptake of data-driven applications, the adoption of multi-cloud or hybrid data environments, and many IT and Security teams being overstretched.
The cost of cyber attacks stretches far beyond ransom payments
The financial cost of attacks can cripple companies, with the latest IBM Security & Ponemon Institute Cost of a Data Breach Report finding the average cost of a data breach in ASEAN now averages US$2.87m. Similarly, the ITIC’s 2022 Global Server Hardware Security survey has found the average hourly cost of downtime exceeds US$300,000 for 91% of companies, with security and data breaches causing over three-quarters of operational downtime. The cost footprint of cyberattacks was also highlighted in the CSA’s 2022 Cyber Landscape, with the CSA’s Head of Incident Response & Management sharing that “the cost of an attack on reputation and the remediation cost far outweighs regular investments in cybersecurity.”
In late 2022, Singapore’s Counter Ransomware Task Force (CRTF) was convened to develop recommendations to help Singapore counter ransomware. This included the CRTF releasing its inaugural report, which provided strong recommendations on how to address ransomware, including the importance of implementing robust backup plans keeping data in separate places, not giving into ransomware demands to disincentivise attackers and disrupt the ransomware trade, and suggesting that cyber insurance policies should be reviewed by authorities to ensure they don’t encourage ransom payments. The 2022 CSA Cyber Landscape backs up this guidance by stating that “prevention is key to avoid falling victim to ransomware” and that “organisations should take steps to secure their systems and backup critical data”.
So, how can businesses align with and implement these recommendations? By focusing on holistic cyber resilience, which starts with prioritising the ability to recover data and restore business processes when an attack occurs.
Cyber resilience must be prioritised and practised
Cyber resilience is the ability to continue to deliver business outcomes, operate, or generate revenue, despite an adverse cyber event occurring. When a malicious attack takes place, it is not specifically a business’s technology, people, or processes being tested, it is their cyber resilience that is tested because of its crucial impact in maintaining business continuity. This is why cybercriminals can demand ransom payments and multiple payments from businesses that fall victim to a cyberattack because the longer operations and revenue generation are disrupted, then the greater the reputational damage, erosion of stakeholder trust, and the hit to revenue.
To combat malicious attackers, businesses need to build or strengthen their cyber resilience. When cyber resilience becomes the overarching objective of a security posture, instead of simply conforming solely to a regulation or compliance standard, the focus shifts to conducting business securely. This then redefines the requirements a security posture needs to address to ensure the business can continue to function when an attack occurs.
The best way to adopt a ‘cyber resilience first’ approach is to start with determining what data is vital for your business to continue to operate and where the level of sensitivity of the data could have a significant business impact if it is breached, stolen, or leaked. If the exploitation of data and specific data sets will cause a significant impact on your organisation, then it is valuable to malicious actors and is susceptible to exploitation. This is why it is crucial to know if your business-critical data can be recovered without a full data restore, whether you have an immutable backup (a backup that can’t be tampered with by malicious actors) of this data if the data is encrypted in transit and at rest, and if your data backups can meet a predetermined recovery time target.
Businesses should encourage and empower their IT and Security teams to tactically come together with the shared goal of establishing or maintaining cyber resilience across their people, processes, and technology. By doing so, businesses can successfully respond to cyberattacks, as data recovery is what allows the business and its operations to recover, which is just as important as traditional cyberattack remediation. The positive news is that modern data management and security platforms not only provide organisations with the data recovery and threat intelligence capabilities they need today but integrate IT responsibilities and insights into Security teams’ existing technology and processes.
As cyber resilience underpins business continuity, it must also be prioritised by senior management, executives, and boards. By adopting a holistic organisational approach to cyber resilience incorporating both data management and security capabilities best practices, from technology implementation right through to end user policies, businesses will shore up their operational continuity, minimise their compliance risk, and meet regulatory requirements.
In a world where cyberattacks are now a case of ‘when’ not ‘if’, businesses that prioritise cyber resilience will not only underwrite their future continuity but obtain a competitive advantage in this digital age.